Your security, networking, programming, and application news source.

Wednesday, July 23, 2008

Friday, July 18, 2008

New True Crypt Release Features Hidden, Encrypted, OS Partitions

   We know True Crypt as the free-open source application for Windows/Mac/Linux that creates on-the-fly-encrypted drive volumes. You create a file or volume with the combination of several heavy, industry standard, encryption algorithms. With the password, that file or volume can be mounted as a drive letter (in Windows).

   True Crypt has been around a while; it's based on E4M (Encryption for the Masses) and released it's first version at the beginning of 2004. It's popularity exploded when it was the featured topic of a <GRC's Security Now> audio podcast. This was near the popular beginning of the series, which then featured informative, weekly, encryption and network protocol discussions.

   Since it's start, True Crypt has acquired additional innovative features. It can encrypt entire partitions, like an entire hard drive, as well as devices such as USB flash drives. It later featured the ability to create <hidden volumes> through <steganography>(wiki) techniques (hiding the encrypted volume inside a larger one filled with cryptographically random free space).

   The new True Crypt version 6 can not only encrypt your hard drive/partition containing your operating system, prompting you for your password at boot up, but can also make that a hidden volume. This creates an innovative situation of <plausible deniability>.

<True Crypt Downloads>

Monday, July 14, 2008

Open Source Lojack System For Laptops (beta)

   <Adeona> is the first Open Source system for tracking the location of your lost or stolen laptop that does not rely on a proprietary, central service. Adeona instead uses the open source <OpenDHT> distributed storage service to store location updates.
   Protect your laptop, for free, without giving away your privacy to a proprietary central server (and any organizations who could persuade them to share your location information).


"We are exploring the possibility of Adeona for mobile devices, like the iPhone or Windows Mobile."

Beta notes:
   The current version of Adeona is 0.2.1. This is a beta version. Being the first public distribution for deployment, Adeona has been made easy to uninstall. It also shows readily in your system process list. No mention of GPS support. Location information includes: internal IP address, external IP address, nearby routers, access point, photos (Macs only via <isightcapture>).

Wednesday, July 9, 2008

DNS Design Flaw Allows Spoofing


(July 8, 2008) United States Computer Emergency Readiness Team (US-CERT) Vulnerability notice <#800113> regarding a DNS Cache Poisoning Issue.

"It is a fundamental issue affecting the design. Because the system is behaving exactly like it is supposed to behave, the same bug will show up in vendor after vendor after vendor.", says Dan Kaminsky, director of penetration testing, at the <IOActive> security firm. Kaminsky found this flaw more than six months ago while doing non-security related research of the DNS system.

A number of software vendors released patches Tuesday, July 8th. A patch <was released>(July 8, 2008) by Microsoft, being it's scheduled update day, and a patch <was also released> (July 8, 2008) for the Berkeley Internet Name Domain (BIND) server. The <Security Focus article> (July 8, 2008) claims both Cisco and Juniper also acknowledged flawed systems (but haven't released patches).

Thursday, July 3, 2008

Firefox 3 World Record Is Official: 8 Million Downloads

Download Day

Thanks to the support of the always amazing Mozilla community, we now hold a Guinness World Record for the most software downloaded in 24 hours. From 18:16 UTC on June 17, 2008 to 18:16 UTC on June 18, 2008, 8,002,530 people downloaded Firefox 3 "

< World Record>

Wednesday, July 2, 2008

Solid State Drives Aren't Saving Battery Life

  One of the big hopes for solid state hard drives (SSDs) is that they will reduce power consumption, saving on your battery's life. Tests ran by Tom's Hardware of many SSDs from several vendors showed significantly more power consumption than a standard SATA drive. The tests ran are considered pretty reliable.
  This means solid state drivers aren't quite up to snuff for power consumption alone, although certain types of SSDs already provide significant performance advantages. This let-down paired with the current high price of solid state storage over traditional hard drives, will keep SSDs on the back burner for a bit while the technology is refined.

Tom's Hardware: (Contains many pages of extended details of the tests)
<The SSD Power Consumption Hoax : Flash SSDs Don’t Improve Your Notebook Battery Runtime – they Reduce It> June 27, 2008

CrunchGear: (A single page review containing a graph of the data)
<Shock, horror: Apparently SSDs don’t save you any power> July 1st, 2008

Which Linux Distros Are Dying

  An interesting post at has been circulating for a couple days. It has graphed Google search trends for Linux distribution names. Showing a downward trend in Google searches for Debain, Fedora, Red Hat, SUSE, Slackware, and 'Linux' it's self. It shows a interesting gain for 'OpenSUSE', despite the drop in SUSE, and the expected gain dwarfing all others for Ubuntu.

View the whole article and graphs:
< - Which Linux Distributions Are Dying?> June 30th, 2008

<Found noteworthy by Linux Today>